${KEY_MANAGER_CLIENT_SRC_PATH}/client-echo.cpp
${KEY_MANAGER_CLIENT_SRC_PATH}/client-key.cpp
${KEY_MANAGER_CLIENT_SRC_PATH}/client-key-impl.cpp
+ ${KEY_MANAGER_CLIENT_SRC_PATH}/client-manager.cpp
${KEY_MANAGER_CLIENT_SRC_PATH}/client-manager-impl.cpp
)
, extractable(extract)
, restricted(rest)
{}
+ virtual ~Policy(){}
RawData password; // byte array used to encrypt data inside CKM
bool extractable; // if true key may be extracted from storage
bool restricted; // if true only key owner may see data
class Manager {
public:
- Manager(){}
+ Manager();
// Manager(int uid); // connect to database related with uid
Manager(const Manager &connection) = delete;
Manager(Manager &&connection) = delete;
Manager operator=(const Manager &connection) = delete;
Manager operator=(Manager && connection) = delete;
- virtual ~Manager(){}
+ virtual ~Manager();
int saveKey(const Alias &alias, const Key &key, const Policy &policy);
// Certificate could not be nonexportable because we must be able to read
: m_type(KeyType::KEY_NONE)
{}
+Key::KeyImpl::KeyImpl(const KeyImpl &second)
+ : m_type(second.m_type)
+ , m_key(second.m_key)
+{}
+
+Key::KeyImpl::KeyImpl(KeyImpl &&second)
+ : m_type(second.m_type)
+ , m_key(std::move(second.m_key))
+{}
+
+Key::KeyImpl& Key::KeyImpl::operator=(const KeyImpl &second) {
+ m_type = second.m_type;
+ m_key = second.m_key;
+ return *this;
+}
+
+Key::KeyImpl& Key::KeyImpl::operator=(KeyImpl &&second) {
+ m_type = std::move(second.m_type);
+ m_key = std::move(second.m_key);
+ return *this;
+}
+
Key::KeyImpl::KeyImpl(IStream &stream) {
int type;
Deserialization::Deserialize(stream, type);
BIO_free_all(bio);
}
-void Key::KeyImpl::Serialize(IStream &stream) {
+void Key::KeyImpl::Serialize(IStream &stream) const {
Serialization::Serialize(stream, static_cast<int>(m_type));
Serialization::Serialize(stream, m_key);
}
namespace CKM {
-class Key::KeyImpl {
+class Key::KeyImpl : public ISerializable {
public:
KeyImpl();
KeyImpl(IStream &stream);
KeyImpl(const RawData &data, KeyType type, const RawData &password);
- KeyImpl(const KeyImpl &) = delete;
- KeyImpl(KeyImpl &&) = delete;
- KeyImpl& operator=(const KeyImpl &) = delete;
- KeyImpl& operator=(KeyImpl &&) = delete;
+ KeyImpl(const KeyImpl &);
+ KeyImpl(KeyImpl &&);
+ KeyImpl& operator=(const KeyImpl &);
+ KeyImpl& operator=(KeyImpl &&);
KeyType getType() const {
return m_type;
return m_key.empty();
}
- void Serialize(IStream &stream);
+ void Serialize(IStream &stream) const;
virtual ~KeyImpl();
private:
return m_impl->empty();
}
-Key::KeyType Key::getType() const {
+KeyType Key::getType() const {
return m_impl->getType();
}
+/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file client-manager-impl.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Manager implementation.
+ */
+#include <client-manager-impl.h>
+#include <message-buffer.h>
+#include <client-common.h>
+#include <dpl/serialization.h>
+#include <protocols.h>
+#include <client-key-impl.h>
+
+namespace CKM {
+
+int Manager::ManagerImpl::saveKey(const Alias &alias, const Key &key, const Policy &policy) {
+ m_counter++;
+
+ return try_catch([&] {
+ if (alias.empty() || key.empty())
+ return KEY_MANAGER_API_ERROR_INPUT_PARAM;
+
+ MessageBuffer send, recv;
+ Serialization::Serialize(send, static_cast<int>(StorageCommand::SAVE));
+ Serialization::Serialize(send, m_counter);
+ Serialization::Serialize(send, static_cast<int>(toDBDataType(key.getType())));
+ Serialization::Serialize(send, alias);
+ Serialization::Serialize(send, key.getImpl());
+ Serialization::Serialize(send, PolicySerializable(policy));
+
+ int retCode = sendToServer(
+ SERVICE_SOCKET_CKM_STORAGE,
+ send.Pop(),
+ recv);
+
+ if (KEY_MANAGER_API_SUCCESS != retCode) {
+ return retCode;
+ }
+
+ int command;
+ int counter;
+ int opType;
+ Deserialization::Deserialize(recv, command);
+ Deserialization::Deserialize(recv, counter);
+ Deserialization::Deserialize(recv, opType);
+ Deserialization::Deserialize(recv, retCode);
+
+ if (counter != m_counter) {
+ return KEY_MANAGER_API_ERROR_UNKNOWN;
+ }
+
+ return retCode;
+ });
+}
+
+int Manager::ManagerImpl::removeKey(const Alias &alias) {
+ return try_catch([&] {
+ if (alias.empty())
+ return KEY_MANAGER_API_ERROR_INPUT_PARAM;
+
+ MessageBuffer send, recv;
+ Serialization::Serialize(send, static_cast<int>(StorageCommand::REMOVE));
+ Serialization::Serialize(send, m_counter);
+ Serialization::Serialize(send, static_cast<int>(DBDataType::KEY_RSA_PUBLIC));
+ Serialization::Serialize(send, alias);
+
+ int retCode = sendToServer(
+ SERVICE_SOCKET_CKM_STORAGE,
+ send.Pop(),
+ recv);
+
+ if (KEY_MANAGER_API_SUCCESS != retCode) {
+ return retCode;
+ }
+
+ int command;
+ int counter;
+ int opType;
+ Deserialization::Deserialize(recv, command);
+ Deserialization::Deserialize(recv, counter);
+ Deserialization::Deserialize(recv, opType);
+ Deserialization::Deserialize(recv, retCode);
+
+ if (counter != m_counter) {
+ return KEY_MANAGER_API_ERROR_UNKNOWN;
+ }
+
+ return retCode;
+ });
+}
+
+int Manager::ManagerImpl::getKey(const Alias &alias, const RawData &password, Key &key) {
+ return try_catch([&] {
+ if (alias.empty())
+ return KEY_MANAGER_API_ERROR_INPUT_PARAM;
+
+ MessageBuffer send, recv;
+ Serialization::Serialize(send, static_cast<int>(StorageCommand::GET));
+ Serialization::Serialize(send, m_counter);
+ Serialization::Serialize(send, static_cast<int>(DBDataType::KEY_RSA_PUBLIC));
+ Serialization::Serialize(send, alias);
+ Serialization::Serialize(send, password);
+
+ int retCode = sendToServer(
+ SERVICE_SOCKET_CKM_STORAGE,
+ send.Pop(),
+ recv);
+
+ if (KEY_MANAGER_API_SUCCESS != retCode) {
+ return retCode;
+ }
+
+ int command;
+ int counter;
+ int opType;
+ Deserialization::Deserialize(recv, command);
+ Deserialization::Deserialize(recv, counter);
+ Deserialization::Deserialize(recv, opType);
+ Deserialization::Deserialize(recv, retCode);
+
+ if (retCode == KEY_MANAGER_API_SUCCESS)
+ Deserialization::Deserialize(recv, *(key.getImpl()));
+
+ if (counter != m_counter) {
+ return KEY_MANAGER_API_ERROR_UNKNOWN;
+ }
+
+ return retCode;
+ });
+}
+
+} // namespace CKM
+
* limitations under the License
*
*
- * @file client-manager-impl.cpp
+ * @file client-manager-impl.h
* @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
* @version 1.0
* @brief Manager implementation.
{}
virtual ~ManagerImpl(){}
- int saveKey(const Alias &alias, const Key &key, const Policy &policy) {
- m_counter++;
-
- return try_catch([&] {
- if (user.empty() || key.empty())
- return KEY_MANAGER_API_ERROR_INPUT_PARAM;
-
- Message send, recv;
- Serialization::Serialization(send, static_cast<int>(StorageCommand::SAVE_KEY));
- Serialization::Serialize(send, m_counter);
- Serialization::Serialize(send, alias);
- Serialization::Serialize(send, key.getImpl());
- Serialization::Serialize(send, policy);
-
- int retCode = sendToServer(
- SERVICE_SOCKET_CKM_STORAGE,
- send.Pop(),
- recv);
-
- if (KEY_MANAGER_API_SUCCESS != retCode) {
- return retCode;
- }
-
- int id;
- Deserialization::Deserialize(recv, id);
- Deserialization::Deserialize(recv, retCode);
-
- if (id != m_counter) {
- return KEY_MANAGER_API_ERROR_UNKNOWN;
- }
-
- return retCode;
- });
- }
-
- int removeKey(const Alias &alias) {
- return try_catch([&] {
- if (user.empty() || key.empty())
- return KEY_MANAGER_API_ERROR_INPUT_PARAM;
-
- Message send, recv;
- Serialization::Serialization(send, static_cast<int>(StorageCommand::REMOVE_KEY));
- Serialization::Serialize(send, m_counter);
- Serialization::Serialize(send, alias);
-
- int retCode = sendToServer(
- SERVICE_SOCKET_CKM_STORAGE,
- send.Pop(),
- recv);
-
- if (KEY_MANAGER_API_SUCCESS != retCode) {
- return retCode;
- }
-
- int id;
- Deserialization::Deserialize(recv, id);
- Deserialization::Deserialize(recv, retCode);
-
- if (id != m_counter) {
- return KEY_MANAGER_API_ERROR_UNKNOWN;
- }
-
- return retCode;
- }
-
- int getKey(const Alias &alias, const RawData &password, Key &key) {
- return try_catch([&] {
- if (user.empty() || key.empty())
- return KEY_MANAGER_API_ERROR_INPUT_PARAM;
-
- Message send, recv;
- Serialization::Serialization(send, static_cast<int>(StorageCommand::REMOVE_KEY));
- Serialization::Serialize(send, m_counter);
- Serialization::Serialize(send, alias);
- Serialization::Serialize(send, password);
- Serialization::Serialize(send, key.getImpl());
-
- int retCode = sendToServer(
- SERVICE_SOCKET_CKM_STORAGE,
- send.Pop(),
- recv);
-
- if (KEY_MANAGER_API_SUCCESS != retCode) {
- return retCode;
- }
-
- int id;
- Deserialization::Deserialize(recv, id);
- Deserialization::Deserialize(recv, retCode);
-
- if (id != m_counter) {
- return KEY_MANAGER_API_ERROR_UNKNOWN;
- }
-
- return retCode;
- }
+ int saveKey(const Alias &alias, const Key &key, const Policy &policy);
+ int removeKey(const Alias &alias);
+ int getKey(const Alias &alias, const RawData &password, Key &key);
private:
int m_counter;
};
+} // namespace CKM
Manager::~Manager(){}
int Manager::saveKey(const Alias &alias, const Key &key, const Policy &policy) {
- m_impl->saveKey(alias, key, policy);
+ return m_impl->saveKey(alias, key, policy);
}
int Manager::removeKey(const Alias &alias) {
- m_impl->removeKey(alias);
+ return m_impl->removeKey(alias);
}
-int Manager::getKey(const Alias &alias, Key &key, const RawData &password) {
- m_impl->getKey(alias, password, key);
+int Manager::getKey(const Alias &alias, const RawData &password, Key &key) {
+ return m_impl->getKey(alias, password, key);
}
} // namespace CKM
#include <protocols.h>
+#include <dpl/serialization.h>
+
namespace CKM {
char const * const SERVICE_SOCKET_ECHO = "/tmp/.central-key-manager-echo.sock";
char const * const SERVICE_SOCKET_CKM_CONTROL = "/tmp/.central-key-manager-api-control.sock";
char const * const SERVICE_SOCKET_CKM_STORAGE = "/tmp/.central-key-manager-api-storage.sock";
+DBDataType toDBDataType(KeyType key) {
+ switch(key) {
+ case KeyType::KEY_RSA_PUBLIC: return DBDataType::KEY_RSA_PRIVATE;
+ case KeyType::KEY_RSA_PRIVATE: return DBDataType::KEY_RSA_PUBLIC;
+ default:
+ // TODO
+ throw 1;
+
+ }
+}
+
+PolicySerializable::PolicySerializable(const Policy &policy)
+ : Policy(policy)
+{}
+
+PolicySerializable::PolicySerializable(IStream &stream) {
+ Deserialization::Deserialize(stream, password);
+ Deserialization::Deserialize(stream, extractable);
+ Deserialization::Deserialize(stream, restricted);
+}
+
+void PolicySerializable::Serialize(IStream &stream) const {
+ Serialization::Serialize(stream, password);
+ Serialization::Serialize(stream, extractable);
+ Serialization::Serialize(stream, restricted);
+}
+
} // namespace CKM
*/
#pragma once
+#include <ckm/ckm-type.h>
+
+#include <dpl/serialization.h>
+
namespace CKM {
extern char const * const SERVICE_SOCKET_ECHO;
RESET_USER_PASSWORD
};
+enum class StorageCommand : int {
+ GET,
+ SAVE,
+ REMOVE,
+};
+
enum class DBDataType : int {
- UNKNOWN,
KEY_RSA_PUBLIC,
KEY_RSA_PRIVATE,
KEY_ECDSA_PUBLIC,
BINARY_DATA
};
+DBDataType toDBDataType(KeyType key);
+
+class IStream;
+
+struct PolicySerializable : public Policy, ISerializable {
+ explicit PolicySerializable(const Policy &);
+ explicit PolicySerializable(IStream &);
+ void Serialize(IStream &) const;
+};
+
} // namespace CKM
{
object.Serialize(stream);
}
+
static void Serialize(IStream& stream, const ISerializable* const object)
{
object->Serialize(stream);
projects / platform / core / security / key-manager.git / commitdiff